Author: AUTOCRYPT

25 June, 2024 . 2 mins read

AUTOCRYPT Designated as Vehicle Type Approval Technical Service Provider for UN R155/156

AUTOCRYPT becomes the only company from the APAC region certified to provide cybersecurity evaluations for Vehicle Type Approvals covering over 60 UNECE WP.29 member countries, including European Union, UK, JapanSouth KoreaAustralia, and Vietnam

SEOUL, June 25, 2024 — With UN Regulations 155 and 156 taking effect in July 2024, all vehicles sold in WP.29 member countries must pass cybersecurity evaluations to receive Vehicle Type Approval (VTA). As one of the world’s leading automotive cybersecurity providers, AUTOCRYPT has been officially designated by RDW—the vehicle authority and approval body of the Netherlands—as an approved Technical Service provider for cybersecurity testing.

“Technical Service” or “TS” is a term used by the United Nations Economic Commission for Europe (UNECE) to refer to companies and organizations that are officially certified to conduct vehicle testing and evaluations. These test results are reviewed as part of the VTA process.

AUTOCRYPT earned its designation as a Technical Service provider, primarily due to its expertise in automotive cybersecurity aligned with industry standards. Cybersecurity standards for vehicles were introduced around 2020, and AUTOCRYPT has been developing testing tools and solutions adhering to both ISO/SAE 21434 and UN Regulations 155/156 since then.

“As the first cybersecurity TS provider for UN R155 and 156 from APAC, we are looking forward to support OEMs worldwide in receiving type approvals, preparing their vehicles for market,” said Duksoo Kim, CEO of AUTOCRYPT.

The Technical Service designation is aptly timed, as AUTOCRYPT’s state-of-the-art cybersecurity testing center, Labs 414, is scheduled to open in July of 2024. The brand-new center will serve as the dedicated facility for AUTOCRYPT’s Technical Service—AutoCrypt TS, as well as its comprehensive suite of cybersecurity validation and testing services. Additionally, it will foster collaborative projects with other key industry players.

About Autocrypt Co., Ltd.

AUTOCRYPT is the industry leader in automotive cybersecurity and connected mobility technologies. The company specializes in the development and integration of security software and solutions for in-vehicle systems, V2X communications, Plug&Charge, and mobility platforms, paving the way towards a secure and reliable C-ITS ecosystem in the age of software-defined vehicles. AUTOCRYPT also provides consulting and testing services along with custom solutions for UN R155/156 and ISO/SAE 21434 compliance.

20 June, 2024 . 5 mins read

V2X Development Projects Around the World

The past 5 years were rich in new developments in the world of connected driving, with governments announcing huge grant opportunities for organizations willing to develop and implement Vehicle-to-Everything (V2X) systems infrastructure.

The advantages of widespread V2X implementation are well recognized, particularly in terms of enhanced road safety and reduced carbon emissions. However, the primary challenge in V2X deployment is the ‘hockey stick’ value proposition, where the benefits become substantial only after mass technology deployment. Therefore, a collaboration between government, academia, and the private sector is crucial to advancing the industry.

Global V2X Development Projects

V2X development projects around the globe vary significantly in scale and focus, yet they share the common objective of creating a V2X infrastructure that enhances safety and efficiency in the transportation sector. Below are some notable projects and deployments around the world.

United Kingdom

As part of the V2X Innovation Program supported by the UK Government Initiative, the Rural Energy Resilience Program is exploring new vehicle-to-grid (V2G) and energy management technologies. This project connects local car clubs, community buildings, renewable energy providers, and distribution network providers, deploying various V2G charging points across the community.

The program’s aim is to equip local community buildings with bi-directional chargers featuring V2G functionality. The buildings serve as a rest spot for people who need to charge their EVs, boosting local economies. The community buildings also benefit from energy optimization with access to flexible grid services, which provides back up electricity storage during power outages. Beyond stabilizing energy grids for communities with electricity constraints, the project also enhances transportation options in areas with limited public transport.

United States

The United States has multiple grant schemes aimed at promoting the development of advanced transportation technologies, with both the United States Department of Transportation and the Federal Highway Administration supporting the development of V2X projects. One notable initiative is the Advanced Transportation Technology and Innovation (ATTAIN) program, which encourages the use of advanced technologies to improve safety and reduce travel times for drivers and transit riders.

The University of Michigan’s Transportation Research Institute is a beneficiary of the ATTAIN program. As part of this program, UMTRI deployed over 70 roadside units (RSUs) at intersections in Ann Arbor and retrofitted 100 vehicles with low-cost aftermarket onboard units. This connected environment allows vehicles to communicate with each other, infrastructure, the cloud, cellular networks, pedestrians, and other vulnerable road users.

The project is conducted in partnership with the city of Ann Arbor, Ford, Qualcomm, and others. Aiming to boost safety for passengers, pedestrians, and residents by connecting vehicles to each other and nearby infrastructure, the project sets a baseline for future V2X infrastructure deployments in the United States.

University of Michigan has been a testbed for numerous other V2X projects, one of which is the OmniAir Plugfest. Autocrypt participated in the plugfest to test its V2X-PKI in a collaborative environment with other cybersecurity experts, test laboratories, and deploying agencies. The aim of the plugfest was to demonstrate SCMS interoperability to advance nationwide deployment of V2X technologies.

Singapore

Nanyang Technological University (NTU) is leading the development of Singapore’s first 5G cellular vehicle-to-everything (C-V2X) testbed. As part of the NTU Connected Smart Mobility (COSMO) program, the 200-hectare NTU Smart Campus hosts a testbed leveraging ultra-fast 5G technology to enhance connected mobility.

Partnering with the telecommunications company M1, NTU deployed three 5G base stations to enable reliable communications for a wide range of sensors on vehicles and transport infrastructure. C-V2X equipment were installed in shuttle buses and autonomous vehicles to conduct real-world vehicle localization tests and assess the 5G network’s performance. The testbed allows industry partners to co-design and deploy innovative connected mobility solutions, focusing on safety-critical applications such as collision avoidance, real-time traffic routing, and network security.

The NTU Smart Campus testbed aims to develop a safer, more efficient, and reliable transportation infrastructure, fostering the development of connected mobility in Singapore.

China

China is a leader in global V2X deployment, with the government partnering with the private sector to roll out numerous V2X initiatives and large-scale testing sites across the country to test the technology in diverse conditions.

The Tianjin National Pilot Area was created to explore various application scenarios of V2X, build an open and innovative industrial ecology, and explore feasible ways to test V2X systems. The first phase of the pilot zone covers 48 km of open road area equipped 67 intersections with full-range perception infrastructure and V2X communication nodes.

The main goal of the pilot zone is to verify the security of V2X messages exchanged through the network. 20 security scenarios were laid out across 7.6 km of open road for enterprises to verify the security of V2X mechanisms like secure communication protocols, security certificate applications, and certificate management. The pilot area has been utilized to test over 100 cases for traffic safety, traffic efficiency, and information services.

The global efforts in developing and implementing V2X technology illustrate the collective ambition to enhance road safety, optimize traffic flow, and decarbonize roads. By fostering close collaboration among governments, academia, and private enterprises, these projects demonstrate the potential of V2X technology to revolutionize transportation. As these initiatives continue to advance, they pave the way for a more connected, efficient, and safer future in mobility, ultimately benefiting societies worldwide.

To learn more about AUTOCRYPT’s V2X security solutions, contact global@autocrypt.io.

To stay informed and updated on the latest news about AUTOCRYPT and mobility tech, subscribe to AUTOCRYPT’s newsletter.

31 May, 2024 . 3 mins read

Securing Vehicles with Automotive Intrusion Detection Systems (IDS)

It has long been established that cybersecurity is becoming more important in the automotive industry. The mass adoption of cybersecurity practices in the industry is in line with the development of vehicle technology. Nowadays vehicles have more complex internal structures and are more exposed to external communication channels, meaning that there are more endpoints that need protection from cyber threats. Automakers are turning to various cybersecurity approaches to secure their vehicles, one of the most common ones being automotive intrusion detection systems (IDS).

What is an Automotive IDS?

An automotive IDS is an intrusion detection system adapted specifically for the automotive industry. These solutions monitor network traffic entering and traversing the vehicle, as well as the activities within the vehicle’s components, to detect traffic anomalies or potentially malicious activity. IDS compares the monitored traffic and behaviors against a database of known cyber threats and attack patterns. If a match is found, it raises an alert to the relevant administrators or security personnel to address.

Automotive IDSs typically employ two main detection methods:

1. Signature-based detection: Matches observed activity against a database of known malicious patterns or signatures.

2. Anomaly-based detection: Identifies deviations from established normal network behavior or activity baselines, flagging any unusual activities that might indicate a potential intrusion.

It’s important to note that an intrusion detection system is a monitoring tool, meaning it detects threats but does not actively prevent or mitigate them. Upon detecting anomalous behavior or a potential threat, the IDS sends an alert, allowing administrators to investigate and take appropriate action.

Types of Automotive IDS

IDSs are categorized based on their deployment location and the scope of activity they monitor. In the automotive context, we will discuss two main types:

1. Network-based IDS (N-IDS)

A network-based IDS monitors the entire vehicle network for anomalous activity, checking all incoming and outgoing traffic. This provides a broad, network-level view of potential threats and can detect attacks targeting the vehicle’s communication channels or network infrastructure.

2. Host-based IDS (H-IDS)

A host-based IDS is a security software designed to monitor the activities of an individual host or vehicle component, such as an Electronic Control Unit (ECU). It focuses on detecting threats targeting specific systems or components within the vehicle, providing a more granular level of cybersecurity monitoring.

While implementing either one of these intrusion detection system types will help protect an automobile from cyber attacks, most contemporary vehicles will benefit from a mix of both host-based and network-based IDS. For instance, Autocrypt’s IDS combines both network-based and host-based IDS to ensure maximum threat monitoring coverage across the vehicle’s network and individual components.

Comprehensive Vehicle Protection

To ensure comprehensive vehicle protection, automakers are highly advised to implement multiple cybersecurity solutions simultaneously. Since an IDS is a monitoring-only device, pairing it with an Intrusion Prevention System (IPS) would ensure that malicious activities are not only detected but also mitigated.

Additionally, implementing diverse cybersecurity measures will help automakers better address the requirements of vehicle cybersecurity regulations like UN R155 and R156, which mandate cybersecurity throughout the entire vehicle lifecycle.

By adopting a multi-layered approach with complementary cybersecurity solutions like IDS, IPS, and others, automakers can significantly enhance the overall security posture of their vehicles, safeguarding them against a wide range of cyber threats in today’s connected automotive landscape.

Visit our in-vehicle security solutions page to find the solution that best fits your cybersecurity needs.

Follow AUTOCRYPT on LinkedIn to stay informed about our latest news and blogs.

29 May, 2024 . 2 mins read

AUTOCRYPT Highlights Innovations in Secure and Sustainable Mobility at ITF 2024 Summit

At the ITF 2024 Summit, AUTOCRYPT showcased its Cybersecurity Testing Platform (CSTP) for vehicle type approval, and its Charging Station Management System (CSMS) for charge point operators

LEIPZIG, May 29, 2024 — At the International Transport Forum (ITF)’s annual summit, AUTOCRYPT, a leading company in automotive cybersecurity and mobility technology, highlighted the critical importance of cybersecurity innovations within the industry. AUTOCRYPT showcased its Cybersecurity Testing Platform (CSTP) designed for UN R155 compliance, as well as its Charging Station Management System (CSMS) for securing electric vehicle charging.

This year marks AUTOCRYPT’s third consecutive attendance at the ITF Summit. As one of the 33 members—and the only cybersecurity company—on the ITF’s Corporate Partnership Board (CPB), AUTOCRYPT has been actively contributing to transport policymaking by sharing its expertise in cybersecurity for vehicular systems and connected road infrastructure.

At this year’s summit, AUTOCRYPT welcomed numerous transport policymakers to its booth to discuss the future of transport security and environmental sustainability. Notable visitors included Germany’s Minister of Digital Affairs and Transport, Volker Wissing; Lithuania’s Minister of Transport and Communications, Marius Skuodis; and South Korea’s Vice Minister for Transport, Baek Won Kug.

From left to right: South Korea’s Vice Minister for Transport, Baek Won Kug; AUTOCRYPT Chairman, Seokwoo Lee; Germany’s Minister of Digital Affairs and Transport, Volker Wissing; AUTOCRYPT Global CTO, Daniel ES Kim, Lithuania’s Minister of Transport and Communications, Marius Skuodis; ITF Secretary-General, Young Tae Kim

AUTOCRYPT’s Global Chief Technology Officer (CTO), Daniel ES Kim, participated in a panel discussion with industry thought leaders on building resilient and sustainable transport in the age of digitalization and AI. When asked about managing potential risks of digitalization, he emphasized the need for “a comprehensive approach that involves standards, regulations, and innovations to implement secure solutions into our vehicles and infrastructure.”

About Autocrypt Co., Ltd.

AUTOCRYPT is the industry leader in automotive cybersecurity and connected mobility technologies. The company specializes in the development and integration of security software and solutions for in-vehicle systems, V2X communications, Plug&Charge, and mobility platforms, paving the way towards a secure and reliable C-ITS ecosystem in the age of software-defined vehicles. AUTOCRYPT also provides consulting and testing services along with custom solutions for UN R155/156 and ISO/SAE 21434 compliance.

9 May, 2024 . 3 mins read

Compliance with UN R156: Securing Vehicle Software Updates

In the past, vehicles were purchased with a fixed set of functionalities that remained unchanged until the owner acquired a new vehicle. However, modern cars have evolved into customizable platforms with software that can be continuously updated and enhanced.

To meet the growing demand for personalization and remain competitive, manufacturers now offer advanced features that can be subscribed to and downloaded onto vehicles at any time after purchase. These functionalities, such as entertainment applications, driver assistance systems, self-driving capabilities, and others, are constantly being improved and updated.

Maintaining this kind of flexible software structure requires vehicle manufacturers to implement periodic update procedures. However, since these updates essentially alter the vehicle’s software and carry a fair amount of potential risks, it is crucial that they are implemented in the most secure way possible. This is where the UNECE Regulation 156 (UN R156) comes into play, establishing a much-needed framework for secure vehicle software updates.

UN R156 Requirements

UNECE Regulation 156 establishes the minimum cybersecurity and Software Update Management System (SUMS) requirements for vehicle manufacturers. According to the regulation, manufacturers must implement the SUMS and demonstrate that they have the necessary processes in place to comply with all secure software update requirements. The requirements can be divided into two main categories:

  1. Software Update Management System Requirements: These include securing communication channels for updates, validating software integrity, implementing access control mechanisms, and maintaining update logs for auditing purposes.
  2. Vehicle Type Requirements: Specific rules and standards that vehicles must meet to ensure secure software updates.

As vehicles become increasingly software-defined, the ability to update their software securely and efficiently is paramount as unsecured software updates can leave vehicles vulnerable to cyber threats, such as malware infections, data breaches, or even remote control of vehicle systems. These risks can compromise vehicle safety, privacy, and security, making it essential to implement robust cybersecurity measures for software updates.

Securing Updates for UN R156 compliance

UNECE Regulation 156 requires manufacturers to implement appropriate cybersecurity measures to mitigate potential risks from software updates. These measures include:

  • Implementing a software update management system
  • Securing communication channels for update processes
  • Validating software integrity to prevent tampering
  • Implementing access control mechanisms to protect against unauthorized access
  • Maintaining update logs for auditing purposes

AUTOCRYPT offers a suite of in-vehicle cybersecurity products and solutions that implement the necessary security processes in line with UN R156 requirements for secure software updates. Apart from cybersecurity implementation, we also offer UN R155/156 compliance consulting services. Visit our UNECE WP.29 Consulting page to learn more and download the WP.29 regulation checklist outlining the steps for UNECE regulation compliance.

As the automotive industry continues to embrace software-defined vehicles, UN R156 plays a crucial role in ensuring the safe and secure updating of vehicle software. By establishing baseline requirements for cybersecurity and software update management systems, this regulation helps protect vehicles, their occupants, and the broader transportation ecosystem from potential cyber threats. Compliance with UNECE Regulation 156 is a critical step towards building a safer and more secure future for the automotive industry.

26 April, 2024 . 2 mins read

Bayanat and AUTOCRYPT Sign MOU to Advance Autonomous Driving and AI Smart Roads in the Region

Under the agreement, firms aim to develop a comprehensive V2X infrastructure plan

ABU DHABI, Apr. 26, 2024 — Bayanat, a leading provider of AI-powered geospatial solutions, has signed a memorandum of understanding (MoU) with AUTOCRYPT, an industry-leading vehicle-to-everything (V2X) and automotive cybersecurity technology firm, to combine its expertise in V2X infrastructure deployment with Bayanat’s AI Smart Roads, enabling and advancing Level 4+ autonomous driving.

The MoU was signed by Abdulla Al Shamsi, Chief Operating Officer of Bayanat, and Seokwoo Lee, AUTOCRYPT’s Chairman and Co-founder, at DRIFTx, an international exhibition supported by the Abu Dhabi Investment Office (ADIO) dedicated to advancing the future of smart and autonomous mobility across air, land, and sea. Under the agreement, Bayanat and AUTOCRYPT will explore a V2X infrastructure deployment strategy, joint R&D projects, and collaboration opportunities.

By combining their expertise to accelerate the development of core technologies for the future of transportation, the companies will develop a comprehensive V2X infrastructure plan.

Abdulla Al Shamsi, Bayanat COO, said: “Our partnership with AUTOCRYPT marks a pivotal moment in our journey towards revolutionizing AI autonomous driving and Smart Road technology. Bayanat is well aligned with the UAE’s strategy for sustainability and is developing technology to provide cutting-edge mobility solutions while allowing for streamlined travel that is not limited by human error. This partnership supports the UAE’s dedication to improving urban development by prioritizing smart mobility and infrastructure initiatives that make our cities more efficient, sustainable, and livable.”

Seokwoo Lee, commented: “We are thrilled to collaborate with Bayanat on developing secure and reliable V2X infrastructure for the UAE’s smart roads. Having played a major role in all of South Korea’s V2X infrastructure development projects throughout the past decade, we look forward to contributing our expertise to this rapidly expanding market.”